Enterprise Risk Management (ERM) function aims for a structured approach for Risk Management practices, effective oversight of principle risks faced by the company, development of mitigation plans for enterprise level risks and facilitation of risk informed decision making.
Given the size, scale and complexity of the E&P business, effective Risk Management is a crucial element of corporate decision making and strategy setting process. Enterprise Risk Management (ERM) function aims for a structured approach for Risk Management practices, effective oversight of principle risks faced by the company, development of mitigation plans for enterprise level risks and facilitation of risk informed decision making.
The function focuses on the implementation and establishment of best Risk Management practices across the company and provision of standard processes to key functions for identifying, assessing, managing, monitoring and reporting risks inherent in the business for risk adjustments and setting strategic direction. The Risk Management process deals with full spectrum of risks and is ingrained in each critical decision-making phase of the company.
A well-defined Risk Management framework exists based on COSO framework and ISO 30001 standard amongst other best industry practices. Clear Risk Policy and Risk Appetite Statement have been formulated for setting expectations and compliance on part of the stakeholders. The Risk Appetite Statement defines quantitative tolerable limits and the amount of risk the company is willing to accept in the pursuit of its strategic objectives and value creation. Risk appetite guides resource allocation and assists the Company in aligning the organization, people and processes, which is essential for establishing the risk infrastructure necessary to effectively respond to risks. ERM conducts Risk Appetite Testing periodically to monitor the Risk Exposure of the company with changes in internal and external environment.
The function is headed by Senior Manager ERM, who leads a multidisciplinary team of professionals and reports to Managing Director. The governance structure for Risk Management comprises of Executive Risk Management Committee (ERMC) at the senior management level and Board Enterprise Risk Committee (BERC) at the board level, with overall oversight by the Board.